Chiebot-Mirror
/
c-ares
mirror of https://github.com/c-ares/c-ares.git
8
0
Fork 0
Code Issues Projects Releases Wiki Activity
A C library for asynchronous DNS requests (grpc依赖)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
224 Commits
14 Branches
96 Tags
22 MiB
 
 
 
 
 
Tag: Branch: Tree: 69950390b2
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '69950390b2'
${ noResults }
c-ares/RELEASE-NOTES

57 lines
2.4 KiB
Raw Blame History

c-ares version 1.19.1
This is a security and bugfix release.
A special thanks goes out to the Open Source Technology Improvement Fund
(https://ostif.org) for sponsoring a security audit of c-ares performed by X41
(https://x41-dsec.de).
Security:
o CVE-2023-32067. High. 0-byte UDP payload causes Denial of Service [12]
o CVE-2023-31147. Moderate. Insufficient randomness in generation of DNS
query IDs [13]
o CVE-2023-31130. Moderate. Buffer Underwrite in ares_inet_net_pton() [14]
o CVE-2023-31124. Low. AutoTools does not set CARES_RANDOM_FILE during cross
compilation [15]
Bug fixes:
o Fix uninitialized memory warning in test [1]
o Turn off IPV6_V6ONLY on Windows to allow IPv4-mapped IPv6 addresses [2]
o ares_getaddrinfo() should allow a port of 0 [3]
o Fix memory leak in ares_send() on error [4]
o Fix comment style in ares_data.h [5]
o Remove unneeded ifdef for Windows [6]
o Fix typo in ares_init_options.3 [7]
o Re-add support for Watcom compiler [8]
o Sync ax_pthread.m4 with upstream [9]
o Windows: Invalid stack variable used out of scope for HOSTS path [10]
o Sync ax_cxx_compile_stdcxx_11.m4 with upstream to fix uclibc support [11]
Thanks go to these friendly people for their efforts and contributions:
Brad House (@bradh352)
@Chilledheart
Daniel Stenberg (@bagder)
Douglas R. Reno (@renodr)
Gregor Jasny (@gjasny)
Jay Freeman (@saurik)
@lifenjoiner
Nikolaos Chatzikonstantinou (@createyourpersonalaccount)
Yijie Ma (@yijiem)
(9 contributors)
References to bug reports and discussions on issues:
[1] = https://github.com/c-ares/c-ares/pull/515
[2] = https://github.com/c-ares/c-ares/pull/520
[3] = https://github.com/c-ares/c-ares/issues/517
[4] = https://github.com/c-ares/c-ares/pull/511
[5] = https://github.com/c-ares/c-ares/pull/513
[6] = https://github.com/c-ares/c-ares/pull/512
[7] = https://github.com/c-ares/c-ares/pull/510
[8] = https://github.com/c-ares/c-ares/pull/509
[9] = https://github.com/c-ares/c-ares/pull/507
[10] = https://github.com/c-ares/c-ares/pull/502
[11] = https://github.com/c-ares/c-ares/pull/505
[12] = https://github.com/c-ares/c-ares/security/advisories/GHSA-9g78-jv2r-p7vc
[13] = https://github.com/c-ares/c-ares/security/advisories/GHSA-8r8p-23f3-64c2
[14] = https://github.com/c-ares/c-ares/security/advisories/GHSA-x6mf-cxr9-8q6v
[15] = https://github.com/c-ares/c-ares/security/advisories/GHSA-54xr-f67r-4pc4